CVE-2022-26432

{"id": "CVE-2022-26432", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}]}, "published": "2022-08-01T14:15:09.273", "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/August-2022", "tags": ["Vendor Advisory"], "source": "security@mediatek.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032542; Issue ID: ALPS07032542."}, {"lang": "es", "value": "En mailbox, se presenta una posible escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una escalada local de privilegios con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS07032542; ID de incidencia: ALPS07032542"}], "lastModified": "2022-08-05T15:02:51.407", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"}, {"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"}, {"criteria": "cpe:2.3:o:yoctoproject:yocto:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "987749DE-6EE9-401A-B2D4-B1680CAD0376"}, {"criteria": "cpe:2.3:o:yoctoproject:yocto:3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC506285-78EF-47B7-A990-FB7D2ED20885"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39"}, {"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB"}, {"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B"}, {"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58"}, {"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD"}, {"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE"}, {"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401"}, {"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB"}, {"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000"}, {"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06"}, {"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4"}, {"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF"}, {"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF"}, {"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4"}, {"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709"}, {"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071"}, {"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF"}, {"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA"}, {"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6"}, {"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220"}, {"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677"}, {"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449"}, {"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security@mediatek.com"}